Re: CSP: Minimum cipher strength

On 08.09.2014 22:54, Erlend Oftedal wrote:
> Hi
> 
> Reading the chapter this blog
> post http://marc.durdin.net/2014/09/risks-with-third-party-scripts-on-internet-banking-sites/ made
> me think about the problem of using third party scripts where the
> SSL/TLS is poorly configured, and how we could deal with that.

You can reduce the risk of trusting third party scripts with
http://www.w3.org/TR/SRI/ ;-)

Received on Tuesday, 9 September 2014 09:03:38 UTC